ENHANCED PRIVACY ID: A DIRECT ANONYMOUS ATTESTATION SCHEME WITH ENHANCED REVOCATION CAPABILITIES
Under the Guidance of Ms. K. Revathi
Presented by: Zeeshan Afaque (1030920074), Sagar Gupta (1030920058), Sajid Mujtaba (1030920059), Shubham Chaturvedi (1030920075)
Explanation…
• Direct Anonymous Attestation (DAA) enables remote authentication of a trusted platform.
• Preserves user privacy: signatures are anonymous and, by default, unlinkable (linkability is only available when the signer agrees to reuse a base name).
• The TPM proves to the remote requesting party (the verifier) that it holds a valid membership credential, without revealing which TPM it is.
• A compromised TPM can be revoked only if its DAA private key has been extracted; publishing that private key to verifiers is necessary for revocation.
• A TPM whose private key has not been extracted and sent to the verifier cannot be revoked.
Abstract…
• A new scheme called EPID (Enhanced Privacy ID) is proposed.
• Provides unlinkability in a more secure manner.
• A TPM can be revoked even if its private key is unknown, so there is no need to distribute private keys.
• Same security model as DAA.
• More efficient in exception handling (revocation) than conventional DAA.
Terminologies…
• DAA : Direct Anonymous Attestation
• TPM : Trusted Platform Module
• EPID : Enhanced Privacy ID
Existing System…
• In DAA, the issuer creates a group public key.
• Each TPM obtains a unique membership private key from the issuer.
• For authentication, the TPM generates a signature.
• The verifier verifies the signature under the group public key.
• If a TPM is found to be compromised, its private key (which must have been extracted) is placed on the revocation list.
• The verifier checks every signature against the revocation list.
• The appropriate result (accepted, rejected, or revoked) is issued.
Proposed System…
• EPID is developed with enhanced revocation capabilities.
• Broader applicability beyond TPM attestation and the TCG (Trusted Computing Group) setting: EPID is a general group signature scheme.
• Contains four entities: • Issuer • Revocation manager • User (the platform/TPM) • Verifier
• The issuer can be the same entity as the revocation manager.
• Signatures must be: unforgeable, anonymous, unlinkable.
Software Requirements…
• Operating System - Windows XP
• Platform - Visual Studio .NET 2008
• Database - SQL Server 2005
• Languages - ASP.NET, C#.NET
Hardware Requirements…
• Hard Disk - 20 GB
• Monitor - 15" colour, with VGA card support
• RAM - Minimum 1 GB
• Processor - Pentium IV and above (or equivalent)
• Processor Speed - Minimum 500 MHz
Algorithm…
The EPID scheme consists of four procedures:
• Setup: The issuer creates a group public key and a group issuing private key, and publishes the group public key.
• Join: A protocol between the issuer and a user that results in the user becoming a new group member. At the end, the user holds a membership private key; the secret part of it is chosen by the user and never revealed to the issuer, which is what later allows revocation without knowing the key.
• Proof of membership: A prover interacts with a verifier to convince the verifier that he is a member of the group, as follows. The prover sends a request to the verifier. The verifier responds with a message m (a fresh challenge, so a signature cannot be replayed). The prover generates a signature on m using his membership private key. The verifier verifies the signature using the group public key and the current revocation lists.
• Revocation: The revocation manager puts a group member on a revocation list. There are three types of revocation:
  • Private-key-based revocation: the revocation manager revokes a user based on the user's (extracted) membership private key; the verifier checks each signature against the list of revoked keys.
  • Signature-based revocation: the revocation manager revokes a user based on signatures created by that user, without knowing the private key; every later signer must prove that its key did not produce any signature on the list.
  • Issuer-based revocation: the revocation manager revokes a user based on a recommendation from the issuer.
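The procedures above, as an added worked example; this is not code from the presentation or from the EPID paper, and the function names (sign, verify, nonrev_proof, demo) are my own. It models only the pseudonym part of an EPID signature, K = B^f for a fresh random base B and the member's join secret f, in a toy prime-order subgroup with constructed parameters p = 2039, q = 1019 (far too small for real use). The issuer's membership credential, the pairing-based group signature and issuer-based revocation are not modelled, so it does not show unforgeability. What it does show is the two revocation checks the slides contrast: private-key-based revocation (the verifier tests K == B^f for each leaked f) and signature-based revocation (the signer proves in zero knowledge that log_B K differs from log_{B_i} K_i for each revoked pair, using a Schnorr-style discrete-log inequality proof), plus why a fresh B per signature keeps signatures unlinkable without f.

```python
import hashlib
import secrets

# Toy group parameters (constructed for illustration, far too small for real use):
# p = 2q + 1 with q prime; G = 4 generates the order-q subgroup of quadratic residues.
P, Q, G = 2039, 1019, 4


def rand_exp():
    """Random exponent in [1, q-1]."""
    return 1 + secrets.randbelow(Q - 1)


def inv(x):
    return pow(x, P - 2, P)


def hash_to_exp(*parts):
    """Fiat-Shamir challenge: hash the transcript into an exponent mod q."""
    data = "|".join(str(x) for x in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def nonrev_proof(f, B, K, Bi, Ki):
    """Prove log_B(K) != log_Bi(Ki) without revealing f.
    C = (Bi^f / Ki)^rho equals 1 exactly when f produced the revoked (Bi, Ki).
    The proof shows one pair (a, b) = (f*rho, rho) satisfies both
    C = Bi^a * Ki^-b and 1 = B^a * K^-b; the second relation forces a = f*b,
    so C != 1 implies Bi^f != Ki."""
    rho = rand_exp()
    a, b = (f * rho) % Q, rho
    C = pow(pow(Bi, f, P) * inv(Ki) % P, rho, P)
    ra, rb = rand_exp(), rand_exp()
    T1 = pow(Bi, ra, P) * pow(inv(Ki), rb, P) % P
    T2 = pow(B, ra, P) * pow(inv(K), rb, P) % P
    c = hash_to_exp("nonrev", B, K, Bi, Ki, C, T1, T2)
    return {"C": C, "c": c, "sa": (ra + c * a) % Q, "sb": (rb + c * b) % Q}


def verify_nonrev(pr, B, K, Bi, Ki):
    C, c, sa, sb = pr["C"], pr["c"], pr["sa"], pr["sb"]
    if C == 1:                      # the signer's key did produce (Bi, Ki)
        return False
    T1 = pow(Bi, sa, P) * pow(inv(Ki), sb, P) * pow(inv(C), c, P) % P
    T2 = pow(B, sa, P) * pow(inv(K), sb, P) % P
    return c == hash_to_exp("nonrev", B, K, Bi, Ki, C, T1, T2)


def sign(f, msg, sig_rl):
    """Member holding join secret f signs msg. A fresh base B per signature
    makes (B, K) pairs from the same member unlinkable to anyone without f."""
    B = pow(G, rand_exp(), P)
    K = pow(B, f, P)
    r = rand_exp()
    T = pow(B, r, P)
    c = hash_to_exp("sig", B, K, T, msg)        # proof of knowledge of f, bound to msg
    s = (r + c * f) % Q
    nonrev = [nonrev_proof(f, B, K, Bi, Ki) for (Bi, Ki) in sig_rl]
    return {"B": B, "K": K, "c": c, "s": s, "nonrev": nonrev}


def verify(sig, msg, priv_rl, sig_rl):
    """Verifier side: check the proof, then PRIV-RL (leaked keys), then SIG-RL."""
    B, K, c, s = sig["B"], sig["K"], sig["c"], sig["s"]
    if B in (0, 1) or pow(B, Q, P) != 1:        # B must lie in the order-q subgroup
        return "invalid"
    T = pow(B, s, P) * pow(inv(K), c, P) % P    # B^s * K^-c recovers B^r
    if c != hash_to_exp("sig", B, K, T, msg):
        return "invalid"
    for fi in priv_rl:                          # private-key-based revocation
        if pow(B, fi, P) == K:
            return "revoked (private key)"
    if len(sig["nonrev"]) != len(sig_rl):       # signer must answer the current SIG-RL
        return "invalid"
    for pr, (Bi, Ki) in zip(sig["nonrev"], sig_rl):
        if not verify_nonrev(pr, B, K, Bi, Ki):  # signature-based revocation
            return "revoked (signature)"
    return "valid"


def demo():
    """Join (secret f per member), sign/verify, then both revocation types."""
    f_alice = rand_exp()
    f_bob = rand_exp()
    while f_bob == f_alice:                     # tiny q: avoid an accidental collision
        f_bob = rand_exp()
    priv_rl, sig_rl, out = [], [], {}
    s1 = sign(f_alice, "attest-1", sig_rl)
    out["fresh"] = verify(s1, "attest-1", priv_rl, sig_rl)
    out["wrong_msg"] = verify(s1, "attest-2", priv_rl, sig_rl)
    # s1 is traced to a misbehaving platform; its (B, K) goes on SIG-RL, no key needed.
    sig_rl.append((s1["B"], s1["K"]))
    out["alice_after_sig_rl"] = verify(sign(f_alice, "attest-3", sig_rl), "attest-3", priv_rl, sig_rl)
    out["bob_after_sig_rl"] = verify(sign(f_bob, "attest-4", sig_rl), "attest-4", priv_rl, sig_rl)
    # Bob's key is extracted and published: PRIV-RL now catches every signature by f_bob.
    priv_rl.append(f_bob)
    out["bob_after_priv_rl"] = verify(sign(f_bob, "attest-5", sig_rl), "attest-5", priv_rl, sig_rl)
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Note the asymmetry the slides are about: the SIG-RL entry is just a (B, K) pair copied from an observed signature, so the revocation manager never needs Alice's key, whereas the PRIV-RL entry is Bob's secret itself and only exists because that secret was extracted. Signing cost grows linearly with the SIG-RL length, since every signer must produce one non-revocation proof per revoked signature.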